Corporate computing assets, such as laptops, phones, PDAs, etc. are utilized outside corporate firewalls more than ever before. With increasing numbers of employees either working from home or “on the road,” controlling and managing corporate information technology (IT) assets is becoming a difficult or serious problem. Also, as networks become ubiquitous, computing assets are able to connect in a variety of ways as they move about during use, including traditionally insecure locations like public “hotspots,” hotels, etc. While corporations may have “paper policies” indicating employees must use security products (e.g., VPN tunnels) when making network connections in these insecure and/or public locations, they have no practical means to actually enforce them. (For example, existing tools are known to launch a VPN connection, but none are known to enforce and confirm its correct use.)
In turn, corporate assets violating policy risk security not only to the hardware and data files of the asset, but also to the entire corporate enterprise when infected devices are brought behind and used inside the corporate firewall. With the advent of virtual computing devices, problems are further exacerbated since a single hardware platform will often guest many virtual computing devices, each with potentially vastly different operating systems, drivers, interfaces, etc., and their own ability to make network connections.
Accordingly, a need exists in the art of endpoint computing assets for better enforcement of policies in network environments. Also, such need should extend to virtual environments, each with many domains per a single hardware platform, and to mobile environments as assets move about during use. Naturally, any improvements along such lines should further contemplate good engineering practices, such as simplicity, ease of implementation, unobtrusiveness, etc.